Privacy Policy

This Privacy Policy explains how Helm Social, Inc. (“Helm,” “we,” or “us”) collects, uses, and shares information when you use helmsocial.app, our mobile apps, and any related products or services (collectively, the “Service”).

By using the Service, you agree to this Privacy Policy. If you don’t agree, please don’t use Helm.

1. Information we collect

1.1 Information you give us

• Account details. Email, password (hashed, never stored in clear text), display name, handle, date of birth, and any profile information you choose to share.
• Content you create. Posts, videos, photos, audio, comments, messages, lists, follows, reactions, and metadata about them.
• Verification data. If you sign up as a Business or Brand, your EIN and any documentation you submit for verification.
• Family links. If you connect a Parent profile to a child account, we record that relationship and the parent’s approvals.
• Payment info. Helm currently has no paid tiers. If we add paid features in the future, payment processors will handle card data and we will never see or store your full card number.

1.2 Information we collect automatically

• Device and log data. IP address, browser type, operating system, device identifiers, referring URL, and timestamps. We use this to keep the Service secure and debug problems.
• Usage data. Which screens you visit, which posts you interact with, and broad aggregate engagement signals. We use this to make Helm work better, not to sell you ads.
• Cookies and similar technologies. See our Cookie Policy for details.

1.3 Information from third parties

• Cross-platform connections. If you choose to connect another account (Instagram, TikTok, YouTube, X, Facebook, Snapchat, LinkedIn), we receive the data those platforms send us under your authorization, and only that data. You can disconnect any platform at any time.
• Public sources. For Business and Brand verification, we may consult public business registries.

2. How we use information

We use information to:

• Provide and operate the Service: serve your feed, deliver your messages, sync content across platforms you’ve connected, run live streams, and process verifications.
• Keep accounts secure: detect fraud, prevent bots, enforce two-factor authentication, investigate abuse, and respond to legal requests.
• Personalize your experience based on the role you chose (Kid Creator, Teen, Member, Creator, Business, Brand, Parent) and the topics you follow. We do not sell this profile.
• Communicate with you about account events, safety, policy updates, and product news. You can opt out of non-essential email at any time.
• Comply with law and protect rights, including responding to subpoenas, court orders, and lawful requests from authorities, after reviewing each request and pushing back where appropriate.

3. Who we share information with

We share information only in these specific cases:

• Other users. Public posts are visible to anyone. Friends-only and private posts are visible only to your audience as you set it. Your profile (handle, display name, bio, avatar) is public by default.
• Service providers. Vendors who help us run Helm (hosting, video delivery, email, error monitoring) get access to the minimum information they need to do their job, and are bound by contracts that prohibit them from using your data for any other purpose.
• Brand and creator matching. When you opt in to the sponsorship marketplace, Brands you choose to engage with can see the public information on your profile and the analytics you choose to share.
• Legal requests. When required by valid legal process, after we’ve reviewed and challenged the request where appropriate. We will notify you of legal requests when permitted by law.
• Business transfers. If Helm is acquired, your information transfers to the acquirer, who must respect this policy or notify you of changes.

4. Children’s privacy (COPPA)

Helm allows users under 13 to participate only through a Kid Creator account that is linked to a verified Parent account. This complies with the Children’s Online Privacy Protection Act (“COPPA”).

• A Parent must consent to the creation of any account for a child under 13.
• Kid Creator accounts cannot receive direct messages from anyone not pre-approved by the Parent.
• Kid Creator accounts cannot see content tagged 18+.
• Parents can review, edit, or delete their child’s information at any time from the Family section of their account.
• We collect from children only the minimum information necessary to operate the Service.

If you believe a child under 13 has created an account without parental consent, contact us at privacy@helmsocial.app and we will investigate and act quickly.

5. Your choices and rights

You can:

• Access your information from your account settings.
• Export a full archive of your posts, followers, DMs, and saved items at any time.
• Correct profile information from settings.
• Delete your account permanently. Deletion is final after a 30 day grace period.
• Restrict certain processing, such as opting out of analytics tracking or cross-platform sync.
• Object to processing based on legitimate interests.
• Withdraw consent for any optional processing you previously consented to.

6. How we protect your information

We use industry standard security measures, including:

• Two factor authentication required on every account.
• Encrypted connections (HTTPS) for all traffic.
• Encrypted storage for sensitive data including passwords, payment info, and verification documents.
• Least privilege access for our staff and vendors, audited regularly.
• Incident response and breach notification procedures.

No system is perfectly secure. If we ever learn of a breach affecting your data, we will notify you and the appropriate authorities as required by law.

7. How long we keep information

We keep your information for as long as your account is active or as long as needed to provide the Service. After you delete your account, we delete or de-identify your personal information within 30 days, except where we are legally required to keep it longer (for example, financial records, abuse reports, or law enforcement preservation requests).

8. California privacy rights (CCPA / CPRA)

California residents have additional rights under the California Consumer Privacy Act and California Privacy Rights Act:

• Right to know what categories of personal information we collect and the sources, purposes, and recipients.
• Right to delete your personal information, subject to certain exceptions.
• Right to correct inaccurate personal information.
• Right to opt out of the sale or sharing of personal information. Helm does not sell personal information.
• Right to limit use of sensitive personal information.
• Right to non-discrimination for exercising any of these rights.

To exercise these rights, email privacy@helmsocial.app with the subject line “California Privacy Request.”

9. European privacy rights (GDPR)

If you are in the European Economic Area, the United Kingdom, or Switzerland, you have rights under the General Data Protection Regulation (and equivalents) including the rights to access, rectify, erase, restrict, port, and object. The lawful bases on which we process your data are: contract (to provide the Service you signed up for), legitimate interests (to keep Helm secure and improve it), consent (where required), and legal obligation.

To exercise GDPR rights, email privacy@helmsocial.app. You also have the right to lodge a complaint with your local supervisory authority.

10. International users

Helm is operated from the United States. By using the Service, you understand that your information will be processed in the United States, which may have different privacy protections than your country of residence. We protect international transfers with appropriate safeguards including Standard Contractual Clauses where applicable.

11. Changes to this policy

We will update this policy from time to time. When we make material changes, we will notify you by email or by a prominent in app notice at least 30 days before the change takes effect. Continued use of the Service after the effective date constitutes acceptance.

12. Contact us

Helm Social, Inc.
Email: privacy@helmsocial.app
General: hello@helmsocial.app

For California, GDPR, or COPPA inquiries, please use the subject line that matches your request.